package com.qf.authserver.controller;

import com.qf.authserver.pojo.SysUser;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;

import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;
import java.util.Map;

@Controller
@SessionAttributes("authorizationRequest") // 必须配置
public class AuthController {

    /**
     * 覆盖oauth的默认授权页面地址
     */
    @RequestMapping("/oauth/confirm_access")
    public String toAuthPage(Map<String, Object> model,
                             HttpServletRequest request) throws Exception {

        // 用户信息
        SysUser sysUser = (SysUser) request.getSession().getAttribute("sysuser_info");
        String profile = sysUser.getProfile();
        model.put("profile", profile);

        /**
         * 1.在oauth2的底层是通过 ClientDetailsService 来查询 oauth_client_details 中信息，然后封装到 ClientDetails 的实现对象中。
         *   代码位置在 ApprovalStoreUserApprovalHandler 中的113行。
         * 2.接着将 ClientDetails 中的信息在设置 AuthorizationRequest。
         */
        AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");

        Map<String, Serializable> additionalInfomation = authorizationRequest.getExtensions();

        model.put("company_name", additionalInfomation.get("client_name"));
        model.put("scope", authorizationRequest.getScope());

        return "oauth";
    }
}
